package com.cntaiping.fsc.security.util;

import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.parser.Feature;
import com.alibaba.fastjson.serializer.SerializerFeature;
import com.cntaiping.fsc.core.util.SessionUtil;
import com.cntaiping.fsc.core.util.WebSessionUtil;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Collections;
import java.util.Map;
import java.util.TreeMap;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.util.StringUtils;
import org.springframework.web.server.ServerWebExchange;

/* loaded from: input_file:com/cntaiping/fsc/security/util/SignatureUtil.class */
public class SignatureUtil {
    protected static final Logger LOG = LoggerFactory.getLogger(SignatureUtil.class);
    private static final String DEFAULT_APP_SECRET;
    private static final String SIGNATURE_CONNECTOR = "&";
    private static final String KEY_VALUE_CONNECTOR = "=";

    public static String getAppToken(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getHeader("x-app-token");
    }

    public static String generatePreSignature(TreeMap<String, String> treeMap) {
        StringBuffer stringBuffer = new StringBuffer();
        String lastKey = treeMap.lastKey();
        for (Map.Entry<String, String> entry : treeMap.entrySet()) {
            stringBuffer.append(entry.getKey());
            stringBuffer.append(KEY_VALUE_CONNECTOR);
            stringBuffer.append(entry.getValue());
            if (!entry.getKey().equals(lastKey)) {
                stringBuffer.append(SIGNATURE_CONNECTOR);
            }
        }
        return stringBuffer.toString();
    }

    public static String generateSignatureSha256Hex(String str) {
        return DigestUtils.sha256Hex(str);
    }

    public static String generateSignatureSha1Hex(String str) {
        return DigestUtils.sha1Hex(str);
    }

    public static String generateSignatureSha1HexBase64(String str) {
        return Base64.getEncoder().encodeToString(DigestUtils.sha1Hex(str).getBytes());
    }

    public static String createSignature(TreeMap<String, String> treeMap) {
        return generateSignatureSha1Hex(generatePreSignature(treeMap));
    }

    public static String createAppToken(TreeMap<String, String> treeMap) {
        treeMap.put("x-app-secret", DEFAULT_APP_SECRET);
        return createSignature(treeMap);
    }

    public static String createAppToken(HttpSession httpSession, String str, String str2, String str3) {
        String str4 = null;
        if (httpSession != null) {
            str4 = (String) httpSession.getAttribute("x-app-token");
        }
        if (!StringUtils.hasText(str4)) {
            TreeMap treeMap = new TreeMap();
            treeMap.put("x-app-client-ip", str2);
            treeMap.put("x-app-id", str);
            treeMap.put("x-app-random", str3);
            treeMap.put("x-app-secret", DEFAULT_APP_SECRET);
            str4 = createAppToken(treeMap);
            if (httpSession != null) {
                httpSession.setAttribute("x-app-token", str4);
            }
        }
        return str4;
    }

    public static boolean validateAppToken(String str, TreeMap<String, String> treeMap) {
        String str2 = null;
        if (treeMap != null && treeMap.size() > 2 && StringUtils.hasText(str)) {
            str2 = createAppToken(treeMap);
            if (str.equals(str2)) {
                return true;
            }
        }
        LOG.warn("App Token validate fail! RequestToken: {}, ValidateToken: {}", str, str2);
        return false;
    }

    public static String createSessionToken(String str, String str2, String str3) {
        return generateSignatureSha256Hex(str + str2 + str3 + DEFAULT_APP_SECRET);
    }

    public static boolean validateSessionToken(String str, String str2, ServerWebExchange serverWebExchange) {
        if (StringUtils.hasText(str2)) {
            ServerHttpRequest request = serverWebExchange.getRequest();
            if (str2.equals(createSessionToken(str, WebSessionUtil.getRemoteHost(request), WebSessionUtil.getClientType(request)))) {
                return true;
            }
        }
        LOG.warn("Session Token validate fail! RequestToken: {} ", str2);
        return false;
    }

    public static boolean validateSessionToken(String str, String str2, HttpServletRequest httpServletRequest) {
        if (StringUtils.hasText(str2) && str2.equals(createSessionToken(str, SessionUtil.getRemoteHost(httpServletRequest), SessionUtil.getClientType(httpServletRequest)))) {
            return true;
        }
        LOG.warn("Session Token validate fail! RequestToken: {} ", str2);
        return false;
    }

    public static String createFsToken(String str, String str2, String str3) {
        return generateSignatureSha1Hex(str + str2 + str3 + DEFAULT_APP_SECRET);
    }

    public static String createFsToken(String str, HttpServletRequest httpServletRequest) {
        return createFsToken(str, SessionUtil.getRemoteHost(httpServletRequest), SessionUtil.getClientType(httpServletRequest));
    }

    public static boolean validateFsToken(String str, String str2, HttpServletRequest httpServletRequest) {
        String str3 = null;
        if (StringUtils.hasText(str2)) {
            str3 = createFsToken(str, httpServletRequest);
            if (str2.equals(str3)) {
                return true;
            }
        }
        LOG.warn("FS Token validate fail! RequestToken: {}, ValidateToken: {}", str2, str3);
        return false;
    }

    public static String encryptStr(Map<String, String> map) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        return new String(Base64.getEncoder().encode(Hex.encodeHexString(MessageDigest.getInstance("SHA1").digest(getEncryptString(map).getBytes())).getBytes("UTF-8")));
    }

    public static String getEncryptString(Map<String, String> map) {
        if (StringUtils.hasText(map.get("body"))) {
            JSONObject parseObject = JSONObject.parseObject(map.get("body"), new Feature[]{Feature.OrderedField});
            if (parseObject.containsKey("file")) {
                parseObject.remove("file");
                map.put("body", JSONObject.toJSONString(parseObject, new SerializerFeature[]{SerializerFeature.WriteMapNullValue}));
            }
        }
        ArrayList arrayList = new ArrayList(map.keySet());
        Collections.sort(arrayList);
        String str = "";
        for (int i = 0; i < arrayList.size(); i++) {
            str = str + ((String) arrayList.get(i)) + "=" + (map.get(arrayList.get(i)) == null ? "" : map.get(arrayList.get(i))) + "&";
        }
        if (StringUtils.hasText(str) && str.endsWith(SIGNATURE_CONNECTOR)) {
            str = str.substring(0, str.length() - 1);
        }
        return str;
    }

    static {
        String str = System.getenv("TPCLOUD_SECRET");
        if (StringUtils.hasText(str)) {
            DEFAULT_APP_SECRET = str;
        } else {
            DEFAULT_APP_SECRET = "TpCloud2021!!Bin##@5025";
        }
    }
}
